近日,中国科学院大学密码学院博士研究生龙重余作为第一作者撰写的研究论文《DEBridge: Towards Secure and Practical Plausibly Deniable Encryption Based on USB Bridge Controller》被30th European Symposium on Research in Computer Security (ESORICS 2025)会议接收。该研究聚焦可否认加密存储技术领域,提出了一种基于桥接芯片的名为“DEBridge”的创新性方案。可否认加密是一种高强度隐私保护技术,能在受胁迫等极端情况下,有效保护用户的敏感数据不被泄露。
2025年9月,龙重余同学受邀参加ESORICS 2025会议,并在大会上就该项研究工作做了学术报告。
Abstract:Plausibly deniable encryption (PDE) systems have been developed to enable users to securely store sensitive data while plausibly denying its existence under coercion to disclose encryption keys. However, the majority of existing PDE systems are software-based, lacking hardware-level security protection for keys. Additionally, they often require the installation of additional supporting software and depend on specific operating systems (OS), file systems (FS), or storage media, significantly limiting their practicality.
To address these limitations, we present DEBridge, the first PDE system based on the USB bridge controller — a component that supports and controls data transfer between a host and a storage device. With the help of USB bridge controller, DEBridge introduces hardware security modules to provide hardware-level security protection for keys. We implement the “pseudo disk” as an interface for users to interact with the device, thereby avoiding the installation of additional software. Furthermore, DEBridge integrates hidden volume technology that supports multi-level deniability into the firmware of the USB bridge controller, thereby eliminating the dependence on OS, FS or storage media. We implement DEBridge on the TUSB9261 USB bridge controller and evaluate its feasibility and performance. Given the peculiarities and sensitivities of PDE systems themselves, we believe that the security and practicality brought by DEBridge are of significant value.
论文信息:Chongyu Long, Yuewu Wang, Lingguang Lei, Haoyang Xing and Jiwu Jing: “DEBridge: Towards Secure and Practical Plausibly Deniable Encryption Based on USB Bridge Controller,” in European Symposium on Research in Computer Security (ESORICS 2025)(CCF-B)
